logo
DATABASE RESOURCES PRICING ABOUT US

Debian DLA-2025-1 : openslp-dfsg security update

Description

The OpenSLP package had two open security issues : CVE-2017-17833 OpenSLP releases in the 1.0.2 and 1.1.0 code streams have a heap-related memory corruption issue which may manifest itself as a denial of service or a remote code-execution vulnerability. CVE-2019-5544 OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. VMware has evaluated the severity of this issue to be in the critical severity range. For Debian 8 'Jessie', these problems have been fixed in version 1.2.1-10+deb8u2. This upload was prepared by Utkarsh Gupta <guptautkarsh2102@gmail.com>. We recommend that you upgrade your openslp-dfsg packages. NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.


Related